CVE-2005-1038

10 documents5 sources
Severity
2.1LOW
EPSS
0.1%
top 77.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Paul Vixie Vixie CronRedhat Enterprise Linux
Timeline
PublishedMay 2
Latest updateMay 3

Description

crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

Also affects: Enterprise Linux 4.0

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-xmqm-497m-6h9h: crontab in Vixie cron 42022-05-03
CVEList
CVE-2005-1038: crontab in Vixie cron 42005-04-10

📋Vendor Advisories

1
Red Hat
security flaw2005-04-06

💬Community

6
Bugzilla
CVE-2005-1038 security flaw2018-08-16
Bugzilla
CAN-2005-1038 vixie-cron information leak2005-07-21
Bugzilla
CVE-2005-1038 vixie-cron information leak2005-06-29
Bugzilla
CAN-2005-1038 vixie-cron information leak2005-04-20
Bugzilla
CAN-2005-1038 vixie-cron information leak2005-04-14
CVE-2005-1038 (LOW CVSS 2.1) | crontab in Vixie cron 4.1 | cvebase.io